PT-2026-57529 · Trendnet · Tew-821Dap

Iot_Res

·

Published

2026-07-12

·

Updated

2026-07-12

·

CVE-2026-15485

CVSS v2.0

6.5

Medium

VectorAV:N/AC:L/Au:S/C:P/I:P/A:P
A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub 43F2C4 of the file /goform/tools nslookup of the component DNS Lookup Handler. This manipulation of the argument nslookup target/dns server causes os command injection. The attack can be initiated remotely. The vendor explains: "We are unable to confirm the existence of the vulnerabilities for (...) TEW-821DAP (v1.0R) as these items have been EOL. " This vulnerability only affects products that are no longer supported by the maintainer.

Fix

Command Injection

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15485

Affected Products

Tew-821Dap